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DETAILED ACTION 

1 . This action is issued in response to applicant's RCE filed February 27, 2007. 

2. Claims 1-55 are presented. No claims added and claims 5 and 25 are cancelled. 

3. Claims 16-18 and 36-55 remain withdrawn. 

4. Claims 1-4,6-15,19-24, and 26-35 are pending. 

5. Applicant's arguments filed January 29, 2007, have been fully considered but 
they are not persuasive. 

Continued Examination Under 37 CFR 1.114 

6. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.1 14, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
February 27, 2007 has been entered. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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8. Claims 1-3,6-11,15,22-24,26-31, and 35 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Valois (US Patent Application No. 20040260818) filed 
June 23, 2003, in view of Delany (US Patent Application No. 20020156879) filed 
November 30, 2001. 

Regarding Claims 1 and 22, Valois discloses a method comprising: 
storing authorization data that defines an access control attribute ([0058], 
lines 4-10, Valois) 1 and an associated regular expression specifying a textual 
pattern ([0057], lines 4-9, Valois). However, Valois is silent with respect to the 
access control attribute is a coarse-grain access control attribute defining access 
control rights for a resource provided by a device. On the other hand, Delany 
discloses the access control attribute is a coarse-grain access control attribute 
defining access control rights for a resource provided by a device ([0118], 
. Delany). Valois and Delany are analogous art because they are from the same 
. field of endeavor of relating to a system that provides authorization compliance 
validation with a security policy. It would have been obvious to one of ordinary 
skill in the art at the time of the invention to incorporate Delany's teachings into 
the Valois system. A skilled artisan would have been motivated to combine in 
order to achieve the level of detail at which the data would have been 
considered. As a result, coarse-grain access provides higher performance 



1 Examiner Notes: Authorization data corresponds to "references" and the definition is an attribute that is 
part of the Access Control List (ACL). 
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through more optimized protocols and the data tends to work on contiguous 
regions at a time. Therefore, the combination of Valois in view of Delany, 
disclose receiving a command from a client, wherein the command requests 
access to configuration data for the resource of the device ([0159] and [0165], 
Delany); evaluating the command using the regular expression to determine 
whether the command matches the textual pattern ([01 18], lines 19-26, Delany); 
and controlling access to the configuration data by the client based on the 
coarse-grain access control attribute and the evaluation of the regular expression 
([0159], lines 1-10, Delany). 

Regarding Claims 2 and 23, the combination of Valois in view of Delany, 
disclose a method wherein controlling access comprises 

allowing access to the configuration data when the access control attribute 
denies access to the resource ([0067], lines 1-4, Valois) and the textual pattern of 
the regular expression matches the command ([0117], lines 18-20 and [0118], 
lines19-26, Delany). 

Regarding Claims 3 and 24, the combination of Valois in view of Delany, 
disclose a method wherein controlling access comprises 

denying access to the configuration data when the access control attribute 
grants access to the resource ([0067], lines 5-9, Valois) and the textual pattern of 
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the regular expression matches the command ([0117], lines 18-20 and [0118], 
lines19-26, Delany). 

Regarding Claims 6 and 26, the combination of Valois in view of Delany, 
disclose a method wherein the coarse-grain access control attribute comprises a 
set of permission bits, and each of the permission bits is associated with a 
respective group of the resources ([0161], lines 3-5, Delany). 

Regarding Claims 7 and 27, the combination of Valois in view of Delany, 
disclose a method further comprising receiving the command from the client via a 
command line interface ([0199], lines 2-11, Delany) 2 . 

Regarding Claims 8 and 28, the combination of Valois in view of Delany, 
disclose a method wherein evaluating the command comprises evaluating the 
command in real-time ([0383], lines 9-14, Delany) while the client inputs the 
. command via the command line interface ([01 99], lines 2-1 1 , Delany). 

Regarding Claims 9 and 29, the combination of Valois in view of Delany, 
disclose a method wherein the configuration data is arranged in the form of a 
multi-level configuration hierarchy having a plurality of objects (Fig. 5, [0142], 
lines 1-2, Delany), and each of the objects represents a portion of the 
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configuration data that relates to one or more resources of the device ([0142], 
lines 2-5, Delany). 

Regarding Claims 10 and 30, the combination of Valois in view of Delany, 
disclose a method wherein the objects have respective textual labels ([0143], 
lines 1-4, Delany) and the regular expression defines the textual pattern to match 
the textual labels ([0057], lines 4-9, Valois) of a set of one or more of the objects 
within the configuration hierarchy (Fig. 5, Delany). 

Regarding Claims 11 and 31, the combination of Valois in view of Delany, 
disclose a method wherein evaluating the command comprises applying the 
regular expression to the command ([0099], lines 1-7, Valois) to determine 
whether the command specifies any of the objects within the set ([0142], lines 2- 
5, Delany). 

Regarding Claims 15 and 35, the combination of Valois in view of Delany, 
disclose a method wherein controlling access comprises controlling access to 
configuration data of a router ([0053], lines 6-10, Valois). 

9. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Valois (US Patent Publication No. 2004/0260818) filed June 23, 2003, as applied to 



2 Examiner Notes: Receiving the command from a client corresponds to "a user can request..." and the 
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claims 1-3,15,22-24, and 35 above, and further in view of Mitra (US Patent No. 
6,973,460) filed November 26, 2002. 

Regarding Claim 4, Valois discloses a method for storing authorization 
data ([0058], lines 4-10, Valois). However, Valois does not explicitly disclose 
storing the authorization data as a class that conforms to a class syntax. On the 
other hand, Mitra discloses storing the authorization data as a class that 
conforms to a class syntax (column 8, lines 7-18, Mitra). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to 
incorporate Mitra's teaching into the Valois system. A skilled artisan would have 
been motivated to combine the two references as suggested by Mitra (column 7, 
lines 48-52), in order for the classes to be annotated such that, at run-time, 
useful information about how the data is organized for each of the various ways 
of storing the data (i.e. configuration) may be extracted from the annotations. As 
a result, this allows for various services to perform operations in accordance with 
the information. 

10. Claims 12-14,19-21, and 32-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Valois (US Patent Publication No. 2004/0260818) June 23, 2003, 
in view of Delany (US Patent Publication No. 2002/0156879) filed November 30, 



interface corresponds to "GUI". 
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2001, and further in view of Nelson (US Patent No. 6,243,713) filed August 24, 
1998. 

Regarding Claims 12 and 32, the combination of Valois in view of Delany, 
disclose a method further comprising to automatically insert one or more meta- 
characters into the regular expression ([0451-0453], lines 1-7, Delany) based on 
the hierarchical arrangement of the configuration data (Fig. 5, Delany). However, 
Valois in view of Delany, do not explicitly disclose pre-processing the regular 
expression. On the other hand, Nelson discloses pre-processing the regular 
expression (column 10, lines 39-50, Nelson). It would have been obvious to one 
of ordinary skill in the art at the time of the invention to incorporate Nelson's 
teachings into the Valois in view of Delany system. A skilled artisan would have 
been motivated to combine the two references as suggested by Nelson (column 
9, lines 60-65), in order to convert component data into a list of distinctive objects 
that represent the original data of the component, this-is understood to perform 
data reduction. Pre-processing remove any non-essential information that does 
not substantially add to the quality of the system. As a result, pre-processing 
saves the system time and space for capacity. 
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Regarding Claims 13 and 33, the combination of Valois in view of Delany 
and further in view of Nelson, discloses a method further comprising: 

pre-processing the regular expression (column 10, lines 39-50, Nelson) so 
that the command is evaluated with the regular expression in real-time ([0383], 
lines 9-14, Delany) as the client enters the command ([0199], lines 2-11, Delany). 

Regarding Claims 14 and 34, the combination of Valois in view of Delany 
and further in view of Nelson, discloses a method wherein evaluating the 
command comprises evaluating the command with the pre-processed regular 
expression each time the client enters a token indicating a textual break within 
the command (column 17, lines 35-40, Nelson). 

Regarding Claim 19, the combination of Valois in view of Delany and 
further in view of Nelson, discloses a method comprising: 

receiving input ([0056], lines 3-7, Valois) defining an access control 
attribute ([0058], lines 4-10, Valois) and an associated regular expression that 
specifies a textual pattern ([0057], lines 4-9, Valois); 

pre-processing the regular expression (column 10, lines 39-50, Nelson) to 
automatically insert one or more meta-characters into the regular expression 
([0451-0453], lines 1-7, Delany); 
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evaluating a command in real-time using the regular expression ([0383], 
lines 9-14, Delany) as a client enters the command via a command line interface 
([0199], lines 2-11, Delany); and 

controlling access to configuration data of a device based on the 
evaluation ([0066], lines 1-9, Valois). 

Regarding Claim 20, the combination of Valois in view of Delany and 
further in view of Nelson, discloses a method further comprising storing the 
configuration data in the form of a multi-level configuration hierarchy having a 
plurality of objects (Fig. 5, [0142], lines 1-2, Delany), wherein pre-processing the 
regular expression comprises automatically inserting one or more meta- 
characters into the regular expression ([0451-0453], lines 1-7, Delany) based on 
the hierarchical arrangement of the configuration data (Fig. 5, Delany). 

Regarding Claim 21 , the combination of Valois in view of Delany and 
further in view of Nelson, discloses a method wherein the regular expression 
defines a textual pattern that identifies one or more of the objects within the 
configuration hierarchy, and evaluating the command comprises: 

applying the regular expression in real-time ([0383], lines 9-14, Delany) to 
determine whether a portion of the command that has been entered by the client 
matches the textual pattern ([0064], lines 1-5,Valois); and 
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selectively allowing the client to complete the command based on the 
determination ([0199], lines 2-11, Delany). 

Response to Arguments 

Applicant's arguments with respect to newly amended claiml and claim 19 have 
been considered but are moot in view of the new ground(s) of rejection. 

Points of Contact 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chelcie Daye whose telephone number is 571-272- 
3891 . The examiner can normally be reached on M-F, 7:00 - 4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Apu Mofiz can be reached on 571-272-4080. The fax phone number for the 
organization where this application or.proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 

Patent Application Information Retrieval (PAIR) system. Status information for 

published applications may be obtained from either Private PAIR or Public PAIR. 

Status information for unpublished applications is available through Private PAIR only. 

For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

you have questions on access to the Private PAIR system, contact the Electronic 

Business Center (EBC) at 866-217-9197 (toll-free). 

Chelcie Daye 
Patent Examiner 
Technology Center 2100 
May 9, 2007 




